> This at least suggests that the v1.7 readers need to check *all* > hashes that are offered and raise an alarm if some verify and others > don't. Is that good enough?
Isn't that what SSL/TLS does?
/r$
--
STSM, DataPower CTO
WebSphere Appliance Architect
http://www.ibm.com/software/integration/datapower/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
